Apache Struts struts2-rest-showcase orders clientName Parameter Persistent XSS

This script is Copyright (C) 2012-2013 Tenable Network Security, Inc.


Synopsis :

A remote web application is vulnerable to a persistent cross-site
scripting attack.

Description :

The remote web server hosts Struts2-rest-showcase, a demonstration
application for the Struts2 framework. Input passed via the
'clientName' parameter to the 'orders' page is not properly sanitized
before it is stored and rendered, which allows arbitrary HTML and
script code to be saved by the application and executed in the browser
of any user who later visits the 'orders' page.

See also :

http://secpod.org/blog/?p=450
http://www.nessus.org/u?d16eaf1b

Solution :

Remove or restrict access to the Struts2-rest-showcase application.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVSS Temporal Score : 4.1
(CVSS2#E:F/RL:U/RC:ND)
Public Exploit Available : true

Family: CGI abuses : XSS

Nessus Plugin ID: 60095

Bugtraq ID: 51902

CVE ID: CVE-2012-1006